Summary:
The Systems Security Analyst is a critical member of the Chief Information Security Officer's (CISO's) team. This is a hands-on role that requires a high level of technical and analytical expertise. Responsible for a broad range of tasks including the day-to-day administration of information security tools the creation of security documentation governance risk compliance (GRC) management as well as second-level and third-level support for security information and event management (SIEM).
Responsibilities:
Researches and assists in the piloting the evaluation of new tools technologies technical controls and processes to support and enforce defined security policies.
Participates in a variety of information security functions � Vulnerability Management Penetration Testing Incident Response Audit Governance Solution Design.
Works with various infrastructure teams and business units to ensure policy compliance and adherence to security best practices.
Monitors system logs SIEM tools and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution
Assists in the development and documentation of security architecture policies standards and procedures.
Collates security incident and event data to produce monthly management and exception reports.
Measures and reports on the technical metrics of security controls.
Works with outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
Participates in the operation of incident management including detection response and reporting.
Contributes to a knowledgebase comprising a technical reference library security advisories and alerts information on security trends and practices and laws and regulations.
Participates in the day-to-day activities of threat and vulnerability management identify risk tolerances recommends treatment plans and communicates information about residual risk.
Participates in security projects and provides expert guidance on security matters for other IT projects.
Ensures audit trails system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
Validates baseline security configurations for operating systems applications and networking and telecommunications equipment
Provides second and third-level support and analysis during and after a security incident.
Assists Brown University Health staff in the resolution of reported security incidents.
Participates in security investigations and compliance reviews as requested by internal or external auditors.
Supports Brown University Health�s Legal e-discovery processes to include identification collection preservation and processing of relevant data.
Participates in GRC (Governance Risk Compliance) activities surrounding policies exceptions risk register and compliance requirements such as HIPAA PCI and JMC.
Researches and assess new threats and security alerts and recommends remedial actions.
Performs other duties as assigned.
Other information:
EXPERIENCE:
A minimum of ten years of IS experience with five years in an information security role.
A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
Certifications Required (3 or more - CISSP CCSP OSCP CISA CRISC GIAC CEH Security+)
Certifications Preferred (Technology Certifications - Cisco Microsoft Linux)
Expert level in security best practices.
Intermediate level with Wireshark and/or equivalent packet capture and analysis
Strong understanding of networking technologies from architecture best practices to packet analysis
Experience with patch management device hardening configuration auditing and other end point security best practices.
Familiarity with the principles of cryptography and cryptanalysis.
Understanding of Public Key Infrastructure
Experienced in the use of virtualization technologies
Knowledge of and experience in developing and documenting security architecture and plans including strategic tactical and project plans.
In-depth knowledge of risk assessment methods and technologies.
Proficiency in performing risk business impact control and vulnerability assessments.
Excellent technical knowledge of mainstream operating systems [for example Microsoft Windows and Linux] and a wide range of security technologies such as network security appliances identity and access management (IAM) systems anti-malware solutions automated policy compliance tools and desktop security tools.
Experience in developing documenting and maintaining security policies processes procedures and standards.
Knowledge of network infrastructure including routers switches firewalls and the associated network protocols and concepts.
Experience with common information security management frameworks such as [International Organization for Standardization (ISO) 2700x and the ITIL COBIT and National Institute of Standards and Technology (NIST)] frameworks.
Strong written and verbal communication skills.
Ability to communicate security guidance to a non-technical audience.
SUPERVISORY RESPONSIBILITIES:
Employee functions independently within department policies and practices; refers specific complex problems to the CISO where clarification of departmental policies and procedures may be required.
Brown University Health is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race color religion sex national origin age ethnicity sexual orientation ancestry genetics gender identity or expression disability protected veteran or marital status. Brown University Health is a VEVRAA Federal Contractor.
Location: Brown University Health Corporate Services USA:RI:Providence
Work Type: Full Time
Shift: Shift 1
Union: Non-Union